<?php
	/******************************************
	 *	CURE Partners Administration Panel	  *
	 *										  *
	 * 	Author: Joe Morgan					  *
	 * 	Date: 05/2009						  *
	 * 										  *
	 * 	Comments:							  *
	 * 	May God be glorified through the use  *
	 *  of this website, even through the     *
	 *  weakness shown in myself as a         *
	 *  developer, a human, and a christian.  *
	 * 										  *
	 * 	In Hoc Signo Vinces					  *
	 *****************************************/
	
	// Load the dbPartners wrapper exactly once; require_once halts the page if the
	// file cannot be loaded, so nothing below runs without it.
	require_once('db_partners.php');

	// Shared database handle used by the forms further down to list partners.
	// NOTE(review): no login or authorisation check is visible in this file before
	// the insert/update/delete handlers. Confirm that db_partners.php or the web
	// server configuration restricts this panel to administrators.
	$partners_db = new dbPartners();
?>

<html>
	<head>
		<title>Partners Control Panel</title>
	</head>
	
	<body>
		<?php
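			// Handle a submitted admin form. Exactly one of the four submit buttons
			// (insertRecord, deleteRecord, choosePartner, updateRecord) is expected in
			// $_POST and selects the branch below.
			//
			// Security notes:
			//  * Every request value echoed back into the page goes through
			//    htmlspecialchars(); echoing $_POST directly allowed reflected XSS.
			//    No charset argument is passed, so PHP's default applies.
			//    NOTE(review): confirm that matches the encoding this page is served in.
			//  * SQL values are escaped with mysql_real_escape_string(), which relies on
			//    the connection presumably opened by dbPartners and on its character set.
			//    ext/mysql was removed in PHP 7; moving dbPartners to mysqli or PDO
			//    prepared statements is the durable fix, but that class is not visible here.
			//  * NOTE(review): no CSRF token is checked in this handler, and no
			//    authentication check is visible in this file. Confirm both are
			//    enforced elsewhere.
			if($_SERVER['REQUEST_METHOD'] === 'POST')
			{
				$successfulUpdate = FALSE;

				// Defined up front so the update form further down never reads an unset variable.
				$partnerRecordToUpdate = FALSE;

				//Detect which Submit button was pressed, and work accordingly
				switch(TRUE)
				{
					//	Insert
					case isset($_POST['insertRecord']):
						$insertedName = htmlspecialchars(isset($_POST['name']) ? $_POST['name'] : '', ENT_QUOTES);

						// NOTE(review): this positional INSERT depends on the table's column
						// order. Naming the columns, as the UPDATE below does, would be sturdier.
						$sqlInsert = sprintf("INSERT INTO `partners`
											/*(`name`, `email`, `contact`, `website`, `phone`, `fax`)*/ 
											VALUES
											('%s','%s','%s','%s','%s','%s')",
											mysql_real_escape_string($_POST['name']),
											mysql_real_escape_string($_POST['email']),
											mysql_real_escape_string($_POST['contact']),
											mysql_real_escape_string($_POST['website']),
											mysql_real_escape_string($_POST['phone']),
											mysql_real_escape_string($_POST['fax']));

						if (!mysql_query($sqlInsert))
						{
							echo("Insert of " . $insertedName . " failed\n");
						}
						else
						{
							// The original used the bare constant $_POST[name]; the key is now quoted.
							echo($insertedName . " successfully added.<br/>\n" );
						}
						break;

					//	Delete
					case isset($_POST['deleteRecord']):
						// The delete form posts 'partnersToDelete', not 'name', so both
						// messages report that field.
						$deletedName = htmlspecialchars(isset($_POST['partnersToDelete']) ? $_POST['partnersToDelete'] : '', ENT_QUOTES);

						$sqlDelete = sprintf("	DELETE FROM `partners` 
												WHERE name = '%s'", 
												mysql_real_escape_string($_POST['partnersToDelete']));

						if (!mysql_query($sqlDelete))
						{
							echo("Deletion of " . $deletedName . " failed\n");
						}
						else
						{
							echo($deletedName . " successfully removed.<br/>\n" );
						}
						break;

					//	Select Candidate For Update
					case isset($_POST['choosePartner']):
						$chosenName = htmlspecialchars(isset($_POST['partnersToUpdate']) ? $_POST['partnersToUpdate'] : '', ENT_QUOTES);

						$sqlRowToUpdate = sprintf("	SELECT	name, email, contact_name, website, phone_number, fax_number
													FROM	partners
													WHERE	name = '%s'",
													mysql_real_escape_string($_POST['partnersToUpdate']));

						// Check the query result before fetching, so a failed query is
						// reported instead of being passed to mysql_fetch_assoc().
						$selectResult = mysql_query($sqlRowToUpdate);
						$partnerRecordToUpdate = $selectResult ? mysql_fetch_assoc($selectResult) : FALSE;

						// The original tested the bare word partnerRecordToUpdate (missing '$'),
						// so a failed lookup was never reported.
						if (!$partnerRecordToUpdate)
						{
							echo("Selection of " . $chosenName . " failed\n");
						}
						break;

					//	Update Selected Candidate
					case isset($_POST['updateRecord']):
						$updatedName = htmlspecialchars(isset($_POST['name']) ? $_POST['name'] : '', ENT_QUOTES);

						$sqlUpdate = sprintf("	UPDATE	partners
												SET	`name` = '%s',
													`email` = '%s',
													`contact_name` = '%s',
													`website` = '%s',
													`phone_number` = '%s',
													`fax_number` = '%s'
												WHERE `name` = '%s'",
													mysql_real_escape_string($_POST['name']),
													mysql_real_escape_string($_POST['email']),
													mysql_real_escape_string($_POST['contact']),
													mysql_real_escape_string($_POST['website']),
													mysql_real_escape_string($_POST['phone']),
													mysql_real_escape_string($_POST['fax']),
													mysql_real_escape_string($_POST['originalName']));
						
						if (!mysql_query($sqlUpdate))
						{
							echo("Update of " . $updatedName . " failed\n");
						}
						else
						{
							echo("Update Successful<br/>\n");
							// Read further down the page to switch the button back to "Choose Partner".
							$successfulUpdate = TRUE;
						}
						break;
				}
			}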
		?>

		<!-- Insert Partner Form -->
		<form method="post">
			<h3 align="left">Add Partner/Affiliate</h3>
				Name: <input type="text" name="name" /><br />
				E-mail: <input type="text" name="email" /><br />
				Contact Name: <input type="text" name="contact" /><br />
				Website: <input type="text" name="website" /><br />
				Phone: <input type="text" name="phone" /><br />
				Fax: <input type="text" name="fax" /><br />
				<input type="submit" value="Insert Partner" name="insertRecord" />
				<br />
				<br />
		</form>
		<hr />

		<!-- Remove Partner Form -->
		<form method="post">
			<h3 align="left">Remove Partner/Affiliate</h3>
			<select name="partnersToDelete">
			<?php 
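				// Build one <option> per partner for the delete dropdown.
				// presumably get_partners() returns a mysql result resource; verify in db_partners.php
				$partners = $partners_db->get_partners();
				
				while($partners_row = mysql_fetch_array($partners, MYSQL_ASSOC))
				{
					// Names are stored data entered through the insert form, so they are
					// HTML-escaped before being written into the single-quoted attribute
					// and the option text. ENT_QUOTES also encodes the apostrophe, which
					// would otherwise end the attribute value. The browser decodes the
					// entities on submit, so the posted value is still the original name.
					$safeName = htmlspecialchars($partners_row["name"], ENT_QUOTES);
					echo("<option value='" . $safeName . "'>'" . $safeName . "'</option>\n");
				}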
			?>
			</select><br />
			<input type="submit" value="Delete Partner" name="deleteRecord" />
		</form>
		<hr />

		<!-- Update Partner Form -->
		<form method="post">
			<h3 align="left">Update Partner/Affiliate</h3>


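			<?php
				// The editable fields are rendered after any POST, as before.
				if($_SERVER['REQUEST_METHOD'] == 'POST')
				{
					// The record values come from the database and originally from form
					// input, so each one is HTML-escaped before being placed inside a
					// double-quoted value attribute. A field that is missing (no record
					// was loaded by this request) renders as an empty string instead of
					// reading an undefined variable or offset.
					$partnerFormValues = array();
					foreach (array('name', 'email', 'contact_name', 'website', 'phone_number', 'fax_number') as $partnerField)
					{
						$hasValue = isset($partnerRecordToUpdate)
							&& is_array($partnerRecordToUpdate)
							&& isset($partnerRecordToUpdate[$partnerField]);

						$partnerFormValues[$partnerField] = $hasValue
							? htmlspecialchars($partnerRecordToUpdate[$partnerField], ENT_QUOTES)
							: '';
					}
			?>
				<!-- Hidden Input -->
				<input type="hidden" name="originalName" value="<?php echo($partnerFormValues["name"]) ?>" />

				Name: <input type="text" name="name" value="<?php echo($partnerFormValues["name"]) ?>" /><br />
				E-mail: <input type="text" name="email" value="<?php echo($partnerFormValues["email"]) ?>" /><br />
				Contact Name: <input type="text" name="contact"  value="<?php echo($partnerFormValues["contact_name"]) ?>" /><br />
				Website: <input type="text" name="website"  value="<?php echo($partnerFormValues["website"]) ?>" /><br />
				Phone: <input type="text" name="phone"  value="<?php echo($partnerFormValues["phone_number"]) ?>" /><br />
				Fax: <input type="text" name="fax"  value="<?php echo($partnerFormValues["fax_number"]) ?>" /><br /><br />
			<?php 
				}			
			?>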

			<select name="partnersToUpdate">
			<?php
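				// Build one <option> per partner for the update dropdown.
				// presumably get_partners() returns a mysql result resource; verify in db_partners.php
				$partners = $partners_db->get_partners();

				while($partners_row = mysql_fetch_array($partners, MYSQL_ASSOC))
				{
					// Stored partner names are HTML-escaped (ENT_QUOTES covers the
					// apostrophe that delimits the attribute) so a name containing markup
					// or quotes cannot break out of the <option> element. The submitted
					// value is unchanged because the browser decodes the entities.
					$safeName = htmlspecialchars($partners_row["name"], ENT_QUOTES);
					echo("<option value='" . $safeName . "'>'" . $safeName . "'</option>\n");
				}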
			?>
			</select><br />
			
			<?php
				// Pick the submit button for the update form: after a POST that did not
				// end in a successful update, offer "Update Partner"; otherwise (a plain
				// page load, or right after a successful update) offer "Choose Partner".
				// $successfulUpdate is only read when the request is a POST, because the
				// && short-circuits first.
				if ($_SERVER['REQUEST_METHOD'] == 'POST' && !$successfulUpdate):
			?>
					<input type="submit" value="Update Partner" name="updateRecord" />
			<?php
				else:
			?>
				<input type="submit" value="Choose Partner" name="choosePartner" />
			<?php
				endif;
			?>
		</form>
		
	</body>	
</html>